ANNUAL DOD CYBER AWARENESS

ANNUAL DOD CYBER AWARENESS

CHALLENGE EXAM FLASHCARDS

EXAM PREPARATION GUIDE | 93 ITEMS

Q:Which of the following attacks target high ranking officials and executives?

Whaling

Q:Using webmail may bypass built in security features.

TRUE

Q:What should you do to protect yourself while on social networks?

Validate all friend requests through another source before confirming them Q:What actions should you take prior to leaving the work environment and going to lunch?All of the above Q:If classified information were released, which classification level would result in "Exceptionally grave damage to national security"?Top Secret Q:Which of the following is NOT a security best practice when saving cookies to a hard drive?Looking for "https" in the URL. All https sites are legitimate.

Q:Which of the following is NOT sensitive information?

Unclassified information cleared for public release

Q:What can you do to prevent spillage?

all of the above

Q:What can you do to protect yourself against phishing?

All of the above

Q:What should be done to protect against insider threats?

Report any suspicious behavior

Q:What should be done to sensitive data on laptops and other mobile computing

devices?Encrypt the sensitive data

Q:Which is NOT a method of protecting classified data?

Assuming open storage is always authorized in a secure facility

Q:It is getting late on Friday. You are reviewing your employees annual self

evaluation. Your comments are due on Monday. You can email your employees information to yourself so you can work on it this weekend and go home now.Which method would be the BEST way to send this information?Use the government email system so you can encrypt the information and open the email on your government issued laptop

Q:Which of the following is NOT a potential insider threat?

Member of a religion or faith

Q:Which of the following is an example of malicious code?

Trojan horses

Q:Should you always label your removable media?

Yes

Q:A medium secure password has at least 15 characters and one of the following.

Special character Q:You check your bank statement and see several debits you did not authorize. You believe that you are a victim of identity theft. Which of the following should you do immediately?Monitor credit card statements for unauthorized purchases Q:Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. How many potential insider threat indicators is Bob displaying?3

Q:Which of the following definitions is true about disclosure of confidential

information?Damage to national security

Q:When leaving your work area, what is the first thing you should do?

Remove your CAC/PIV Q:It is permissible to release unclassified information to the public prior to being cleared.False

Q:A coworker has left an unknown CD on your desk. What should you do?

Put the CD in the trash Q:The CAC/PIV is a controlled item and contains certificates for: All of the above

Q:The use of webmail is

is only allowed if the organization permits it

Q:Which of the following best describes wireless technology?

It is inherently not a secure technology

Q:Which is NOT a telework guideline?

Taking classified documents from your workspace

Q:Which of the following is a good practice to avoid email viruses?

Delete email from senders you do not know

Q:UNCLASSIFIED is a designation to mark information that does not have

potential to damage national security.

TRUE Q:What type of security is "part of your responsibility" and "placed above all else?" Physical

Q:Spear Phishing attacks commonly attempt to impersonate email from trusted

entities. What security device is used in email to verify the identity of sender?Digital Signatures

Q:ActiveX is a type of this?

Mobile code

Q:What is considered ethical use of the Government email system?

Distributing Company newsletter Q:PII, PHI, and financial information is classified as what type of information?Sensitive